On Wednesday, the Korean Communication Commission (KCC) revealed that it had sanctioned eight Korean cryptocurrency exchanges. Korea has a Personal Information Protection Act in place to ensure that firms safeguard data privacy. The eight cryptocurrency exchanges will pay $132,500 in penalties for being in violation of the Information Protection Act.
KCC’s Rectification Measures For Addressing Data Privacy Concerns
The sanctioning announcement came in the wake of the commission’s onsite survey of ten Korean exchanges. The Korean Communication Commission carried out the study in partnership with Ministry of Science Information and Technology, and the Korean Internet Development Agency. A statement by KCC reveals that of the ten exchanges surveyed, eight are in violation of the Personal Information Protection Act. The two exchanges that were not found guilty had stopped offering regulated services during the time of the survey.
Currently, the Korean Communication Commission is setting up policies that will help ensure that coin exchanges operating in the country adhere to the Information Protection Act. KCC believes that stricter sanctions will reduce the damage caused by transacting at exchanges that don’t guarantee data privacy.
Lee Hyo-Sung went on to elaborate that from KCC’s survey, cases of data intrusion are on the rise globally. As per KCC’s survey, most of South Korea’s exchanges are using systems that are easy targets for malicious activities.
30 Days; The Time Given to All Korean Cryptocurrency Exchanges to Improve Privacy After Failing Tests
Cryptocurrency exchanges in violation of the Personal Information Protection Act have 30 days to comply with Korea’s privacy standards. Cryptocurrency exchanges found in violation after the 30 days will face harsher penalties.
KCC is planning to roll out an awareness campaign. KCC, through the awareness campaign, will offer guidelines and training of personnel in charge of data protection at cryptocurrency exchanges. The commission is expecting that all Korean cryptocurrency exchanges to have access control systems. The commission is recommending intrusion prevention systems capable of preventing unauthorized access to client data.